Method and system for message delivery security validation

ABSTRACT

A method, a system, and computer readable medium comprising instructions for message delivery security validation are provided. At least one authentication setting from an end user is received at a data collection system. A validation key is generated based on the at least one authentication setting. A message and the validation key are sent to a device of a recipient. The device of the recipient are automatically authenticated using the validation key. The message is delivered to the device of the recipient upon authentication.

FIELD OF THE DISCLOSURE

The present disclosure relates generally to a mobile communicationssystem. More particularly, the present disclosure provides a method, asystem, and a computer readable medium comprising instructions formessage delivery security validation in a mobile communications system.

BACKGROUND OF THE DISCLOSURE

In today's environment, most messages may be delivered in a mobilecommunications system in an unsecured manner. For example, an end usermay designate a message with data to be delivered to a recipient basedon the recipient's phone number. However, no security mechanismcurrently exists that ensures the recipient's device is the onedesignated by the end user. Without verifying that the recipient device,a device other than the one designated by the end user may receive themessage. In addition, the security of message delivery is weak in thatthe end user may not select security settings for each messagedelivered.

Alternatively, some recipient devices validate the recipient user bynotifying the recipient user that a message has arrived and requiringthe recipient user to enter a password or username for delivery. Thistype of validation, however, is not cost effective as the recipient useris charged for any inbound message received regardless of whether it isdesignated for the recipient user. In addition, this type of validationdisrupts ordinary operations performed by the recipient user when theuser is notified each time a message has arrived.

Therefore, what is needed is a method and system for message deliverysecurity validation, such that end users may specify securityauthentication for the message and recipient devices be automaticallyvalidated as the message is delivered.

SUMMARY OF THE DISCLOSURE

A method for message delivery security validation is provided. At leastone authentication setting from an end user is received at a datacollection system. A validation key is generated based on the at leastone authentication setting. A message and the validation key are sent toa device of a recipient. The device of the recipient are automaticallyauthenticated using the validation key. The message is delivered to thedevice of the recipient upon authentication.

In one embodiment, the message and the validation key are received froma data collection system. A determination is made as to whether thevalidation key is recognized. The message is delivered to the device ofthe recipient if the validation key is recognized.

In an alternative embodiment, the message and the validation key arereceived from a data collection system. A determination is made as towhether a quick response code is attached to the validation key. Themessage is placed up in priority for delivery if the quick response codeis attached to the validation key.

In yet another embodiment, the message and the validation key arereceived from a data collection system. A determination is made as towhether a quick response code is attached to the validation key. Therecipient is prompted for a quick response if the quick response code isattached to the validation key.

In still yet another embodiment, the message and the validation key arereceived from a data collection system. A determination is made as towhether the validation key is recognized. The message is returned to thedata collection system if the validation key is not recognized.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts a diagram of a system for message delivery securityvalidation in accordance with one embodiment of the present disclosure;

FIG. 2 depicts a flowchart of a process for message delivery securityvalidation is depicted in accordance with one embodiment of the presentdisclosure;

FIG. 3 depicts a flowchart of a process for generating validation key inaccordance with one embodiment of the present disclosure;

FIG. 4 depicts a flowchart of a process for authenticating recipientdevice with the validation key with one embodiment of the presentdisclosure;

FIG. 5 depicts a diagram illustrating exemplary authentication settingsin accordance with one embodiment of the present disclosure;

FIG. 6 depicts a flowchart of a process for generating a validation keyin accordance with an alternative embodiment of the present disclosure;

FIG. 7 depicts a flowchart of a process for authenticating recipientdevice with the validation key with an alternative embodiment of thepresent disclosure; and

FIG. 8 depicts a diagram of an exemplary validation key in accordancewith one embodiment of the present disclosure.

DETAILED DESCRIPTION OF THE INVENTION

With reference to the figures and in particular with reference to FIG.1, a diagram of a system for message delivery security validation isdepicted in accordance with one embodiment of the present disclosure. Inmobile communications system 100, an end user 102 may initiate a voiceor data communication with a recipient user 140 for delivery of amessage. To initiate a voice or data communication, end user 102 maydial a number of the recipient user 140 using a data processing system104 via the Internet 106. Examples of data processing system 102 includea laptop computer, a desktop computer, a server, or other types ofsystems capable of sending and receiving information via a wireless orwired protocol.

Alternatively, end user 102 may dial a number of the recipient user 140using a mobile device 108, which connects to the recipient user 140 viamobile switching center or mobile station 110. In addition, end user 102may dial the number of recipient user 140 using a telephone 112, whichconnects to the recipient user 140 via a public service telephonenetwork 114. Alternatively, telephone 112 may be an InternetProtocol-enabled phone, which sends the message to recipient user 140via the Internet protocol.

Mobile communication system 100 also includes a data collection system116, which allows end user 102 to define various authentication settingsfor recipient user 140. The authentication settings may be stored in anauthentication log 118. More information regarding securityauthentication settings are discussed with reference to FIG. 5 below.

Once security authentication settings are defined by end user 102, datacollection system 116 connects to personal database 120, which comprisespersonal information of various recipients, and generates a validationkey 124 for the recipient user 140. In one embodiment, the validationkey is generated based on the authentication settings provided by theend user 102 and personal data within personal database 120.Alternatively, the validation key may be generated based on personaldata or authentication settings alone.

Once the validation key is generated, the data collection system 116sends the validation key and the data message to a recipient device.Examples of recipient device include data processing system 126, mobiledevice 130, or telephone 132. If the recipient device is data processingsystem 126, the message and validation key may be sent via the Internet128. If the recipient device is a mobile device 130, the message andvalidation key may be sent via a mobile switching center or mobilestation 132. If the recipient device is a telephone, the message andvalidation key may be sent via a public service telephone network(PSTN).

When the message and validation key are received, the recipient deviceapplication, such as recipient device application 134, 146, and 138,determines if the validation key is recognized. If the validation key isrecognized, the recipient device application delivers the receivedmessage to recipient user 140 without interruptions. In this way, thedevice may be automatically validated based on the authenticationsetting selected by the end user 102 and the message be delivered to therecipient user 140 without disrupting the recipient user 140.

It is noted that the data collection system 116 may be implemented as astandalone data processing system or server. Alternatively, the datacollection system 116 may be integrated with data processing system 104of end user 102 or data processing system 126 of recipient user 140without departing from the spirit and scope of the present disclosure.

Referring to FIG. 2, a flowchart of a process for message deliverysecurity authentication is depicted in accordance with one embodiment ofthe present disclosure. Process 200 may be implemented as computerinstructions embodied in a computer readable medium. Process 200 beginsat step 202 to receive at least one authentication setting from an enduser. The at least one authentication setting may be a security leveland/or a type of authentication for the security level. Process 200 thencontinues to step 204 to generate a validation key based on the at leastone authentication setting. Process 200 then continues to step 206 tosend a message and the validation key to a device of a recipient.Process 200 then continues to step 208 to automatically authenticate therecipient using the validation key. Process 200 then completes at step210 to deliver the message to the recipient upon authentication.

Referring to FIG. 3, a flowchart of a process for generating validationkey is depicted in accordance with one embodiment of the presentdisclosure. Process 300 may be implemented as computer instructionsembodied in a computer readable medium. In this embodiment, process 300may be implemented as computer instructions executing within datacollection system 116.

Process 300 begins at step 302 to receive authentication settings fromthe end user. The end user may select one of many authentication levelsfrom a menu and the type of authentication for the authentication level.More details regarding the authentication settings are discussed withreference to FIG. 5 below.

Process 300 then continues to step 304 to access personal data from thepersonal database. Personal data may include information about therecipient user. Process 300 then continues to step 306 to generate avalidation key. The validation key may be generated from theauthentication settings selected by the end user, the personal data, ora combination of the authentication settings and the personal data.Process 300 then continues to step 308 to store the authenticationsettings and validation key in an authentication log. After thevalidation key is generated and stored, process 300 completes at step310 to send the message by the end user and the generated validation keyto the recipient device.

Referring to FIG. 4, a flowchart of a process for authenticatingrecipient device with the validation key is depicted with one embodimentof the present disclosure. Process 400 may be implemented as computerinstructions embodied in a computer readable medium. In this embodiment,process 400 may be implemented as computer instructions executing withinrecipient device applications, such as recipient device application 134,136, and 138.

Process 400 begins at step 402 to receive the message and validation keyfrom the data collection system 116. Process 400 then continues to step404 to determine if the validation key received is recognized. In oneembodiment, the validation key may be decrypted at the recipient deviceand compared with a recipient device key. If the validation key isrecognized, process 400 completes at step 412 to deliver the message tothe recipient user without interruptions.

In an alternative embodiment, process 400 continues to step 406 todetermine if a quick response code is attached with the validation key.If a quick response code is attached, this means that a quick responseis expected from the recipient user by the end user and process 400continues to step 408 to place the message up in priority for deliveryto the recipient user. Process 400 then completes at step 412 to deliverthe message to the recipient user. By the placing the message up inpriority for delivery to the recipient user, a quick response to thepriority message may be expected from the recipient user.

In another alternative embodiment, instead of placing the message up inpriority for delivery, process 400 continues to step 410 to prompt therecipient user for a quick response, even though this may causeinterruption to the recipient user. Process 400 then completes at step412 to deliver the message to recipient user. However, if no quickresponse code is attached at step 406, process 400 completes at step 412to deliver the message to the recipient user. Returning to step 404, ifthe validation key is not recognized by the recipient deviceapplication, process 400 completes at step 414 to return the messageback to the data collection system. Alternatively, instead of returningthe message, process 400 completes at step 416 to discard the message.

Referring to FIG. 5, a diagram illustrating exemplary authenticationsettings is depicted in accordance with one embodiment of the presentdisclosure. In this embodiment, a security level menu 502 is provided tothe end user 102 for selection. In this example, the security level menu502 comprises a plurality of security levels, from A-1 to A-N 504. Thesecurity level menu 502 may vary based on the message being sent by theend user.

For each selected security level, the end user may select one or moretypes of authentication 506. For example, an end user may selectBiometric (D−1) as the type of authentication for security level A-1 andPasscode (D-2) as the type of authentication for security level A-2. Inaddition, the end user may select a combination of authentication typesfor a security level. For example, the end user may select a combinationof passcode (D-2) and voice authentication (D-3) for security level A-3.It is noted that the types of authentication 506 as shown in FIG. 5 isfor illustrative purposes only. Other types of authentication may beprovided to the end user for selection without departing the spirit andscope of the present disclosure.

In addition to generating a validation key based on security settingsselected by end user and automatically delivering the message torecipient user upon authentication, message delivery security validationmay be performed in a reverse manner at the recipient device.

Referring to FIG. 6, a flowchart of a process for generating avalidation key is depicted in accordance with an alternative embodimentof the present disclosure. Process 600 may be implemented as computerinstructions embodied in a computer readable medium. In this embodiment,process 600 may be implemented as computer instructions executing withindata collection system 116.

Process 600 begins at step 602 to receive authentication settings fromthe recipient user. The recipient user may select one of manyauthentication levels from a menu and the type of authentication for theauthentication level. Process 200 then continues to step 604 to accesspersonal data from the personal database. Personal data may includeinformation about the end user. Process 600 then continues to step 606to generate a validation key. The validation key may be generated fromthe authentication settings selected by the recipient user, the personaldata, or a combination of the authentication settings and the personaldata. Process 600 then continues to step 608 to store the authenticationsettings and validation key in an authentication log. After thevalidation key is generated and stored, process 600 completes at step610 to send the message by the recipient user and the generatedvalidation key to the end user device.

Referring to FIG. 7, a flowchart of a process for authenticatingrecipient device with the validation key is depicted with an alternativeembodiment of the present disclosure. Process 700 may be implemented ascomputer instructions embodied in a computer readable medium. In thisembodiment, process 700 may be implemented as computer instructionsexecuting within device applications of end user devices, including dataprocessing system 104, mobile device 108, and telephone 112.

Process 700 begins at step 702 to receive the message and validation keyfrom the data collection system 116. Process 700 then continues to step704 to determine if the validation key received is recognized. In oneembodiment, the validation key may be decrypted at the end user deviceand compared with end user device key. If the validation key isrecognized, process 700 completes at step 712 to deliver the message tothe end user without interruptions.

In an alternative embodiment, process 700 continues to step 706 todetermine if a quick response code is attached to the validation key. Ifa quick response code is attached, this means that a quick response isexpected from the end user by the recipient and process 700 continues tostep 708 to place the message up in priority for delivery to the enduser. Process 700 then completes at step 712 to deliver the message tothe end user. By the placing the message up in priority for delivery tothe end user, a quick response to the priority message may be expectedfrom the end user.

In another alternative embodiment, instead of placing the message up inpriority for delivery, process 700 continues to step 710 to prompt theend user for a quick response, even though this may cause interruptionto the end user. Process 700 then completes at step 712 to deliver themessage to end user. However, if no quick response code is attached atstep 706, process 700 completes at step 712 to deliver the message tothe end user. Returning to step 704, if the validation key is notrecognized by the end user device application, process 700 completes atstep 714 to return the message back to the data collection system.Alternatively, instead of returning the message, process 700 completesat step 716 to discard the message.

Referring to FIG. 8, a diagram of an exemplary validation key isdepicted in accordance with one embodiment of the present disclosure. Inthis embodiment, validation key 800 may be generated by data collectionsystem 116 after end user 102 or recipient user 140 selects a securitylevel and authentication types. In this example, validation key 800comprises an authentication setting field 802, which may include thesecurity level and authentication types selected by end user orrecipient user. In addition, validation key 800 comprises a personaldata field 804, which may include personal data of the recipient user orend user necessary for authentication. Furthermore, validation key 800may include a quick response code 806, which indicates to the receivingdevice application whether a quick response is expected from the sender.If a quick response code is expected, the message is placed up inpriority for delivery. Otherwise, the message is delivered to therecipient user in the ordinary manner without interruptions.

In summary, the present disclosure provides a method, a system, andcomputer readable medium comprising instructions for message deliverysecurity validation. By allowing the end user to select security levelsand authentication types based on the message, the security of messagedelivery is increased. In addition, by generating a validation key andproviding automatic validation of the validation key at the recipientdevice, only recipient designated by the end user may receive themessage. In this way, message delivery is more secured and may beperformed in a manner that does not create disruptions to therecipients.

Although the above descriptions set forth preferred embodiments, it willbe understood that there is no intent to limit the embodiment of thedisclosure by such disclosure, but rather, it is intended to cover allmodifications, substitutions, and alternate implementations fallingwithin the spirit and scope of the embodiment of the disclosure. Theembodiments are intended to cover capabilities and concepts whether theybe via a loosely coupled set of components or they be converged into oneor more integrated components, devices, circuits, and/or softwareprograms.

What is claimed is:
 1. A method for message delivery security validationcomprising: receiving at least one authentication setting from an enduser at a data collection system; generating a validation key based onthe at least one authentication setting; sending a message and thevalidation key to a device of a recipient; automatically determining, bythe device of the recipient, whether the validation key issued by thedata collection system is recognized; and delivering the message to thedevice of the recipient when the validation key is recognized; whereinthe at least one authentication setting comprises: at least one securitylevel for the message selected by the end user; and at least one type ofauthentication for the at least one selected security level; wherein acombination of the types of authentication are used for a certainsecurity level of the at least one selected security level.
 2. Themethod of claim 1, wherein generating a validation key based on at leastone authentication setting comprises: accessing data from a personaldatabase; generating the validation key based on the data and the atleast one authentication setting; and storing the validation key in anauthentication log.
 3. The method of claim 1, wherein the automaticallydetermining, by the device of the recipient, of whether the validationkey is recognized comprises: receiving the message and the validationkey from the data collection system.
 4. The method of claim 1, whereinthe automatically determining, by the device of the recipient, ofwhether the validation key is recognized comprises: receiving themessage and the validation key from the data collection system;determining whether a quick response code is attached to the validationkey; and placing the message up in priority for delivery whether thequick response code is attached to the validation key.
 5. The method ofclaim 1, wherein the automatically determining, by the device of therecipient, of whether the validation key is recognized comprises:receiving the message and the validation key from the data collectionsystem; determining whether a quick response code is attached to thevalidation key; and prompting the recipient for a quick response whetherthe quick response code is attached to the validation key.
 6. The methodof claim 1, wherein the automatically determining, by the device of therecipient, of whether the validation key is recognized comprises:receiving the message and the validation key from the data collectionsystem; and returning the message to the data collection system when thevalidation key is not recognized.
 7. The method of claim 1, wherein theautomatically determining, by the device of the recipient, of whetherthe validation key is recognized comprises: receiving the message andthe validation key from the data collection system; and discarding themessage when the validation key is not recognized.
 8. The method ofclaim 1, wherein the determining of whether the validation key isrecognized comprises: comparing the validation key against a key of thedevice of the recipient; and recognizing the validation key when thevalidation key matches against the key of the device of the recipient.9. The method of claim 1, wherein the delivering of the message to therecipient upon authentication comprises: delivering the message to therecipient without interruption.
 10. A system for message deliverysecurity validation, comprising: a device of an end user configured tosend a message and selecting at least one authentication setting; a datacollection system communicably coupled to the device of the end user,the data collection system is configured to receive the at least oneauthentication setting and generate a validation key based on the atleast one authentication setting; and a device of a recipientcommunicably coupled to the data collection system, the device isconfigured to automatically determine whether the validation key isrecognized and deliver the message to the recipient when the validationkey is recognized; wherein the at least one authentication settingcomprises: at least one security level for the message selected by theend user; and at least one type of authentication for the at least oneselected security level; wherein a combination of the types ofauthentication are used for a certain security level of the at least oneselected security level.
 11. The system of claim 10, wherein the deviceof the end user is a data processing system, a mobile device, or atelephone.
 12. The system of claim 10, wherein the device of therecipient is a data processing system, a mobile device, or a telephone.13. The system of claim 10, wherein the data collection system is a dataprocessing system or a server.
 14. The system of claim 10, wherein thedata collection system is configured to access data from a personaldatabase, generate the validation key based on the data and the at leastone authentication setting, and store the validation key in anauthentication log.
 15. The system of claim 10, wherein the device ofthe recipient is configured to receive the message and the validationkey from the data collection system.
 16. The system of claim 10, whereinthe device of the end user is configured to receive the message and thevalidation key from a data collection system, determine whether a quickresponse code is attached to the validation key, and place the messageup in priority for delivery whether the quick response code is attachedto the validation key.
 17. A non-transitory computer readable mediumcomprising instructions configured to cause a processor to: receive amessage, at least one authentication setting and a validation keygenerated by a data collection system; automatically determine whetherthe validation key is recognized; and deliver the message to a recipientwhen the validation key is recognized; wherein the at least oneauthentication setting comprises: at least one security level for themessage selected by an end user; and at least one type of authenticationfor the at least one selected security level; wherein a combination ofthe types of authentication are used for a certain security level of theat least one selected security level.
 18. The non-transitory computerreadable medium of claim 17, wherein the validation key is generatedbased on at least one authentication setting set by a device of an enduser.